New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

KZL 290 - Add fixtures for securities #1182

Merged
merged 12 commits into from Aug 30, 2018

Conversation

@Aschen
Contributor

Aschen commented Aug 10, 2018

What does this PR do ?

This PR allow to load fixtures for users, profiles and roles at Kuzzle startup.
The roles and profiles are loaded with createOrReplace and the users are first deleted with mDeleteUsers and then created with createUser.

Documentation PR: kuzzleio/documentation#521

The securities fixtures must have the following format:

{
  "roles": {
    "driver": {
      "controllers": {
        "auth": {
          "actions": {
            "checkToken": true,
            "getCurrentUser": true,
            "getMyRights": true,
            "login": true
          }
        },
        "document": {
          "actions": {
            "*": true
          }
        }
      }
    }
  },
  "profiles": {
    "driver": {
      "policies": [
        {
          "roleId": "driver",
          "restrictedTo": [
            { "index": "nyc-open-data", "collections": ["yellow-taxi"] }
          ]
        }
      ]
    }
  },
  "users": {
    "bcalhoun": {
      "content": {
        "profileIds": ["driver"]
      },
      "credentials": {
        "local": {
          "username": "bcalhoun",
          "password": "blueshift"
        }
      }
    }
  }
}

How should this be manually tested?

  • Step 1 : Start only elasticsearch and redis with docker-compose (don't forget to expose the ports 9200 and 6379 respectively)
  • Step 2 : Run Kuzzle from the commande line: ./bin/kuzzle start --fixtures test/mocks/securities.json
  • Step 3 : Check the roles, profiles and users presence in the admin console

Other changes

  • Move mappings and fixtures loading to Janitor
  • Fix node inspector in docker-compose
  • Fix #1184 : Refactor a little the method load in the repositories to reject with an explicit NotFoundError. Some methods (persistUser generator from SecurityController and load from PluginRepository) needed to return null instead of rejecting with a 404 so I added an optional returnNull options to the loadOneFromDatabase method.

@Aschen Aschen self-assigned this Aug 10, 2018

@Aschen Aschen changed the base branch from master to 1.x Aug 10, 2018

Aschen added some commits Aug 16, 2018

@codecov-io

This comment has been minimized.

Show comment
Hide comment
@codecov-io

codecov-io Aug 16, 2018

Codecov Report

Merging #1182 into 1.x will decrease coverage by 0.2%.
The diff coverage is 83.9%.

Impacted file tree graph

@@            Coverage Diff             @@
##              1.x    #1182      +/-   ##
==========================================
- Coverage   93.92%   93.72%   -0.21%     
==========================================
  Files          91       91              
  Lines        6424     6612     +188     
==========================================
+ Hits         6034     6197     +163     
- Misses        390      415      +25
Impacted Files Coverage Δ
lib/api/core/models/repositories/roleRepository.js 98.46% <100%> (-0.03%) ⬇️
lib/api/core/models/repositories/userRepository.js 95% <100%> (ø) ⬆️
lib/api/core/models/repositories/repository.js 97.08% <100%> (-0.7%) ⬇️
.../api/core/models/repositories/profileRepository.js 100% <100%> (ø) ⬆️
...b/api/core/models/repositories/pluginRepository.js 85.71% <20%> (-10.12%) ⬇️
lib/api/controllers/securityController.js 98.31% <78.57%> (-0.83%) ⬇️
lib/services/elasticsearch.js 93.36% <85.71%> (-0.17%) ⬇️
lib/api/core/janitor.js 88.32% <88.67%> (+0.13%) ⬆️
lib/api/controllers/realtimeController.js 93.75% <0%> (-2.68%) ⬇️
lib/api/core/notifier.js 74.12% <0%> (-1.84%) ⬇️
... and 2 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4c2be61...70273aa. Read the comment docs.

codecov-io commented Aug 16, 2018

Codecov Report

Merging #1182 into 1.x will decrease coverage by 0.2%.
The diff coverage is 83.9%.

Impacted file tree graph

@@            Coverage Diff             @@
##              1.x    #1182      +/-   ##
==========================================
- Coverage   93.92%   93.72%   -0.21%     
==========================================
  Files          91       91              
  Lines        6424     6612     +188     
==========================================
+ Hits         6034     6197     +163     
- Misses        390      415      +25
Impacted Files Coverage Δ
lib/api/core/models/repositories/roleRepository.js 98.46% <100%> (-0.03%) ⬇️
lib/api/core/models/repositories/userRepository.js 95% <100%> (ø) ⬆️
lib/api/core/models/repositories/repository.js 97.08% <100%> (-0.7%) ⬇️
.../api/core/models/repositories/profileRepository.js 100% <100%> (ø) ⬆️
...b/api/core/models/repositories/pluginRepository.js 85.71% <20%> (-10.12%) ⬇️
lib/api/controllers/securityController.js 98.31% <78.57%> (-0.83%) ⬇️
lib/services/elasticsearch.js 93.36% <85.71%> (-0.17%) ⬇️
lib/api/core/janitor.js 88.32% <88.67%> (+0.13%) ⬆️
lib/api/controllers/realtimeController.js 93.75% <0%> (-2.68%) ⬇️
lib/api/core/notifier.js 74.12% <0%> (-1.84%) ⬇️
... and 2 more

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4c2be61...70273aa. Read the comment docs.

@Aschen Aschen removed the wip label Aug 16, 2018

@Aschen

This comment has been minimized.

Show comment
Hide comment
@Aschen

Aschen Aug 16, 2018

Contributor

I'm not quite sure for the label, enhancement or new-feature ? @ballinette

Contributor

Aschen commented Aug 16, 2018

I'm not quite sure for the label, enhancement or new-feature ? @ballinette

@Aschen Aschen added wip and removed need-documentation labels Aug 16, 2018

@ballinette

This comment has been minimized.

Show comment
Hide comment
@ballinette

ballinette Aug 17, 2018

Member

We can consider that fixtures loading is a Kuzzle's feature.
So as we add a fixture, we can consider it as a new-feature

Member

ballinette commented Aug 17, 2018

We can consider that fixtures loading is a Kuzzle's feature.
So as we add a fixture, we can consider it as a new-feature

Fix #1184: Better error message when object not found in repositories
Refactor repository loadOneFromDatabase method to reject with an explicit 404 when not found
Allow the old api usage which return a null object when not found for SecurityController#persistUser and PluginRepository#load

@Aschen Aschen removed the wip label Aug 17, 2018

Aschen added some commits Aug 17, 2018

Show outdated Hide outdated lib/api/core/janitor.js Outdated
Show outdated Hide outdated lib/api/core/janitor.js Outdated
Show outdated Hide outdated lib/api/core/janitor.js Outdated
Show outdated Hide outdated lib/api/core/janitor.js Outdated
Show outdated Hide outdated lib/api/core/janitor.js Outdated
Show outdated Hide outdated lib/api/core/models/repositories/repository.js Outdated
Show outdated Hide outdated lib/api/core/models/repositories/repository.js Outdated

Aschen added some commits Aug 22, 2018

@ballinette

This comment has been minimized.

Show comment
Hide comment
@ballinette

ballinette Aug 28, 2018

Member

@scottinet are the latest changes OK for you ?

Member

ballinette commented Aug 28, 2018

@scottinet are the latest changes OK for you ?

@scottinet scottinet merged commit 32d8793 into 1.x Aug 30, 2018

4 checks passed

codecov/project 93.72% (-0.21%) compared to 4c2be61
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
sonarqube SonarQube reported no issues

@scottinet scottinet deleted the KZL-290/add-fixtures-for-securities branch Aug 30, 2018

@scottinet scottinet referenced this pull request Sep 13, 2018

Merged

Release 1.5.0 #1194

scottinet added a commit that referenced this pull request Sep 13, 2018

Release 1.5.0 (#1194)
* fixes #1125 - aggs & sort on user search (#1144)

* Add AdminController (#1129)

* KZL-143 KZL-145 add admin controller and reset cache action

* Boyscout: fix crash because kuzzle try to load protocols in simplefiles

* Add tests for adminController

* Add resetKuzzleData and resetSecurity

* fix features for admin controller

* Add resetDatabase

* fix tests

* fix tests

* fix tests

* Add default rights restrictions for admin controller

* Fix test

* Fix test

* Use API for all actions except dump

* Add generateDump

* Fix tests and remove old cli tests

* Remove reset security scenario

* Make sonarqube happy

* Remove references to cliController

* Fix features

* fix internal error

* remove internal broker

* re-add shutdown

* fix test

* Put shutdown in adminController

* Reset defaults roles and profiles with resetSecurity

* replace ws by uws

* Nitpicking

* increase coverage

* increase coverage

* increase coverage

* fix linter

* increase coverage

* put back proxyBroker

* fix tests

* remove tests

* fix tests

* nitpicking

* Updates for PR

* Put back defaut config

* Disable dump if it is specified in config

* fix message in cli

* add truncate() method on repositories + refactor admin controller to use truncate()

* fix admin controller

* fix test

* Add Janitor core component

* return number of deleted objects in truncate

* fix linter

* catch TypeError for scanStream

* fix linter

* Please sonarqube

* fix linter

* Nitpicking

* Updates for PR

* update headers

* fix linter

* fix tests

* deprecate "constructor" auth option and replace it with "authenticator" (#1145)

* deprecate "constructor" auth option and replace it with "authenticator"

* fix sonarqube issues

* Add action and controller in request input for http events (#1143)

* Add action and controller in request input for http events

* put back some code

* nitpicking

* Add forgotten files --'

* Test Kuzzle against different node LTS versions (#1147)

* set ulimits for elasticsearch (#1148)

* Update kuzzle-common-objects module (#1150)

* adapt tests to new common objects version

* dependencies update

* npm audit fix

* update to plugin auth local 5.1.3 (#1149)

* update to plugin auth local 5.1.3

* adapt tests to new common objects version

* dependencies update

* npm audit fix

* prevent a breaking change when upgrade from a pre-1.4.0 version

* Revert "prevent a breaking change when upgrade from a pre-1.4.0 version"

This reverts commit 8328f50.

* prevent a breaking change occuring when upgrading Kuzzle with old config files (#1154)

* Inject protocol informations into the RequestContext object (#1155)

* inject protocol info into requestcontext

* fix incoming context infos coming from the proxy

* revert debug modification

* no need to manually copy incoming headers

* update unit tests

* fix sonarqube issu

* jsdoc fix

* fixes #1146, passport login request missing headers (#1153)

* fixes #1146, passport login request missing headers

* oauth - add some comments on arbritraty method & url

* Add script to build and push docker images (#1152)

* Add script to build and push docker images

* Add script to build and push docker images

* Fix build script

* add comment to secret env

* Use kuzzleteam account for dockerhub

* Update subnmodule

* Dont build and push on hotfix merge

* fix #1161 (#1162)

* fix startup message (#1163)

* Fix #1131: listCollections limited to the provided collection name, when specified (#1157)

* fixes #1156 - missing version in swagger output (#1164)

* add token infos to login response (#1171)

* disable dump by default (#1172)

* disable dump by default

* fix tests:

* fix #447: allow to search document with empty query through a HTTP GET request

* fix unit test

* Replace ParseError errors with BadRequestError objects (#1158)

* replace ParseError (deprecated) with BadRequestError

* fix #1168: remove useless CLI --port option  (#1177)

* fix #1168

* remove useless --port option in CLI start command

* fix #1174 (#1176)

* Fix #1115: Standardize the scrollId return value (#1173)

* Standardize the scrollId return value

* typo

* typo

* Initialize repositories before plugins (#1167)

* Initialize repositories before plugins

* remove one then() level

* Use local multi-stage build for kuzzleio/plugin-dev and kuzzleio/kuzzle (#1178)

* Update Dockerfile and build-docker-images script\n Now with multi-stage build and support for 1.x and 2.x development branch
* Remove pm2 from prod image
* Use latest node 8 version

* Add metadata to published documents (#1186)

* KZL 454 - Allow subscribe filters on metadata (#1185)

* Do not cache requests with publish(), call koncorde two times instead

* Add functionnal test for subscription filter on metadata

* Add LGTM.com code quality badges (#1187)

* KZL 290 - Add fixtures for securities (#1182)

* Move mappings and fixtures loading to Janitor

* Fix bug in repository#delete when object is not present

* Add ability to load roles, profiles and users to Janitor and CLI

* Add test for Janitor#loadSecurities

* remove .only from test

* Fix #1184: Better error message when object not found in repositories
Refactor repository loadOneFromDatabase method to reject with an explicit 404 when not found
Allow the old api usage which return a null object when not found for SecurityController#persistUser and PluginRepository#load

* Fix test

* rename getUserId

* Update for PR

* refactor janitor _create* method

* Please sonarqube

* typo

* Plugins/Protocols manifest.json overhaul (#1181)

* wip

* change reporter to dot

* fix polluting console outputs

* upgrade unit tests to make them handle the new plugin structure

* new manifest.json handling tests+fixes

* fix sonarqube issue

* x_x

* implement @benoitvidis asked changes

* fix circular json in manifest objects

* add control to manifest stringification

* remove privileged mode for protocols

* Update docker build script for new branch name 1-dev (#1190)

* Update images build script

* push only if we are on the major build

* remove test

* update default plugins (#1193)

* KZL-174 Expose to plugins a SDK instance directly mapped to the funnel (#1179)

* wip

* KZL-177: custom "funnel" network wrapper for SDK

* KZL-178: Export javascript SDK to plugins

* refactor executePluginRequest: now returns a promise

* KZL-177: revert funnelcallController => now sdk wrapper calls directly funnel.executePluginRequest

* mark `pluginContext.accessor.execute` as deprecated

* clean code

* update package-lock

* fix comment

* tix typo

* dependencies update

* remove debug config

* Release 1.5.0

* dependencies update
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment